News
Abstract
This zSecure Service Stream Enhancement (SSE) includes several enhancements to the zSecure 3.1.0 products, including Db2 secure row and column protection audit. The zSecure 3.1.0 documentation was refreshed with all the updates related to these enhancements.
Content
- Support for updated and additional compliance standards:
- CIS IBM z/OS V2R5 with RACF Benchmark v1.1.0.
- CIS IBM Db2 13 for z/OS Benchmark v1.0.0 (partial implementation).
- Multiple small updates and fixes have been incorporated for the STIG standard.
- zSecure 3.1.0 compliance-related updates.
- List of DISA STIG and CIS IBM z/OS with RACF Benchmark compliance standards available in zSecure 3.1.0.
- Several minor enhancements and fixes are implemented for the Compliance Standard framework. For example, configuration assertions can now truly be expired.
- The ISPF User Interface for Compliance Standards has been enhanced:
- An option was added to remove previous Configuration Assertions.
- All sensitivity types can now contain a description text.
- zSecure Access Monitor, zSecure Alert, and the zSecure SMF Collector are changed to allow starting the started task directly under the Master subsystem instead of under JES. This enables earlier start of data collection. Reporting and alerting on the collected events is done after JES (and TCPIP for zSecure Alert) is active.
- zSecure Admin and Audit and the ISPF User Interface have been enhanced:
- Display the extended key usage information for digital certificates.
- zSecure Admin: The CKGRACF command has a NOPROPAGATE option to stop RRSF propagation of the RACF database updates, and sorting in Report Scope now works as intended.
- zSecure Audit: A new menu item RE.R has been added to show information about general resources and their protection. The resources can be used by operating system components or by subsystems and applications.
- zSecure Audit for ACF2 now shows the conditional access through the WHEN(CRITERIA) option.
- The zSecure Command Verifier product has been enhanced with a policy to control the authority to display profiles and profile names when using the RACF LISTDSD, RLIST, and SEARCH commands.
- Additional enhancements and bug fixes are applied:
- Message CKF0546 now has additional debug information.
- Message CKF1024 is now suppressed in zSecure Alert.
- ISPF option RA.5.0 now has support for
Show differences
andCustomize Title
. - ISPF option RA.U/P now suppresses phrase validation when requested.
- zSecure Alert extended monitoring data sets can be deleted more quickly.
- ISPF options specified on SE.T are also used for recursive queries.
- Print format output is now consistent with interactive reports and uses specified selection criteria.
- LEEF format data sent to QRadar now uses SYSTEM name when full JobTag information is not available.
- Active SMF record subtype information shows accurate information.
zSecure 3.1.0 documentation includes the documentation updates for this SSE.
Related Information
[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSPN95","label":"IBM Security zSecure Audit"},"ARM Category":[{"code":"a8m0z000000GoYsAAK","label":"zSecure Audit-\u003EDocumentation"}],"Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"3.1.0"},{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSPQTM","label":"IBM Security zSecure Admin"},"ARM Category":[{"code":"a8m0z000000GoZlAAK","label":"zSecure Admin-\u003EDocumentation"}],"Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"3.1.0"},{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSPLQS","label":"IBM Security zSecure Alert"},"ARM Category":[{"code":"a8m0z000000GoZHAA0","label":"zSecure Alert-\u003EDocumentation"}],"Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"3.1.0","Type":"MASTER"},{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSRPQG","label":"IBM Security zSecure CICS Toolkit"},"ARM Category":[{"code":"a8m0z000000GoYJAA0","label":"zSecure CICS Toolkit-\u003EDocumentation"}],"Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"3.1.0","Type":"MASTER"},{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSRM9V","label":"IBM Security zSecure Command Verifier"},"ARM Category":[{"code":"a8m0z000000bm8NAAQ","label":"zSecure Command Verifier-\u003EDocumentation"}],"Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"3.1.0"},{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSRMQU","label":"IBM Security zSecure Visual"},"ARM Category":[{"code":"a8m0z000000bm8rAAA","label":"zSecure Visual-\u003EDocumentation"}],"Platform":[{"code":"PF033","label":"Windows"}],"Version":"3.1.0"},{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSCHPT","label":"IBM Security zSecure Adapters for SIEM"},"ARM Category":[{"code":"a8m0z000000GoWNAA0","label":"zSecure Data Preparation for SIEM-\u003EDocumentation"}],"Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"3.1.0"},{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSO5Y9T","label":"IBM Z Security and Compliance Center"},"ARM Category":[{"code":"a8m3p000000hC73AAE","label":"ZSCC-\u003EDocumentation"}],"Platform":[{"code":"PF035","label":"z\/OS"}],"Version":"1.2.0"}]
Was this topic helpful?
Document Information
Modified date:
05 April 2024
UID
ibm17130004